Coinbase delayed revealing data breach that may cost up to $400M, drops third-party vendor

Secret knowledge, sudden split: the crypto exchange faces mounting legal and regulatory heat for a four-month silence over a breach affecting at least 69,000 customers.
Coinbase was alerted as early as January 2025 that hackers had siphoned tens of thousands of customer records from one of its overseas support vendors, but the exchange waited until 14 May to notify regulators and users, according to internal emails reviewed by Reuters and interviews with three people briefed on the incident.
The revelation comes as Coinbase abruptly terminated its relationship with TaskUs, the Texas-based outsourcing firm whose India call centre staff were allegedly bribed to leak screenshots and KYC files. At least 69,461 customers’ names, addresses, partial Social Security numbers, and ticket histories were exposed. Coinbase has warned investors that the breach could cost $180 million to $400 million in remediation and potential claims.
Coinbase said it discovered evidence of contractor misconduct, moved quickly to cut access, and is enhancing controls across all third-party vendors.
TaskUs confirmed it fired more than 200 employees in Indore after Coinbase raised alarms in January, but it insisted it “immediately escalated” the issue to its client. A TaskUs spokesperson said the company is “cooperating with law enforcement agencies in India and the United States.”
A four-month disclosure gap
Under the U.S. Securities and Exchange Commission’s new cyber-incident rule, publicly traded companies must file an 8-K within four business days of determining an incident is material. Coinbase’s May filing noted “prior months” of unauthorised activity but did not specify the January alert.
Such a delay could be seen as a textbook case of material non-compliance. The SEC may ask why the four-business-day clock did not start in January.
A securities-fraud class action filed Monday in the Eastern District of Pennsylvania alleges Coinbase “withheld adverse information” that would have moved its share price. A separate negligence suit targets TaskUs in Manhattan federal court on behalf of affected users.
Court filings describe a small criminal ring that paid support agents to photograph Coinbase’s screens with personal identifiers visible. By March, the scheme had widened, with stolen credentials sold on Telegram channels tied to “pig-butchering” crypto scams. On 11 May, the hackers, emboldened by their haul, emailed Coinbase demanding $20 million in exchange for deleting the data.
Coinbase refused, instead offering a $20 million bounty for information leading to arrests.
| Date | Event |
|---|---|
| Dec 2024 | Earliest unauthorized access allegedly begins (court filings) |
| Jan 2025 | TaskUs agent in Indore caught photographing Coinbase data; Coinbase alerted the same day; TaskUs fires >200 staff |
| Mar 2025 | Breach spreads internally; plaintiffs say nearly 100k records compromised |
| 11 May 2025 | Hackers email Coinbase demanding $20 M ransom |
| 14 May 2025 | Coinbase files Form 8-K, admits “prior months” contractor abuse |
| 15 May 2025 | Public blog post + $20 M bounty; users learn of breach |
| 21 May 2025 | Maine AG notice lists 69,461 victims |
| 28 May 2025 | Class action against TaskUs (S.D.N.Y.) |
| 2 Jun 2025 | Reuters exposes Coinbase’s earlier knowledge; company severs TaskUs ties |
| 3 Jun 2025 | Stock volatility and regulatory scrutiny mount |
Why TaskUs matters
TaskUs, founded in 2008 and now valued at around $1.5 billion, counts Meta and DoorDash among its clients. Crypto exchanges like Coinbase have leaned on the firm to provide 24/7 customer support at a lower cost than U.S. hires through its 61,400 full-time staff. Security consultants warn that offshoring sensitive identity documents to low-wage environments creates the perfect storm for insider bribery.
Human-layer attacks are increasingly outpacing technical exploits, as buying an underpaid agent is far cheaper than breaking robust encryption.
The breach comes as Coinbase and other crypto stakeholders wage a public campaign for lighter U.S. crypto rules. Rival exchanges Kraken and Gemini, which also use business-process outsourcing shops, will now rush to audit their own vendor controls, according to people familiar with those reviews.
Meanwhile, affected Coinbase customers report continued phishing attempts and SIM-swap attacks. The company has offered two years of identity-theft monitoring but has not committed to reimbursing any downstream crypto losses.
What’s next
- Regulatory scrutiny – The SEC and Federal Trade Commission can assess potential disclosure-timing violations.
- Discovery trove – Plaintiffs will seek January-dated board minutes that could show executives debated, then deferred, disclosure.
- Vendor shake-up – Industry analysts expect fintechs to diversify away from single-provider support models and adopt screen-capture-blocking tools.
For Coinbase, the incident threatens balance-sheet costs and its narrative as the most compliant brand in crypto. Trust is the only hard currency an exchange has. Losing it, even for four months, can be fatal.